JavaScript is disabled for your browser. Some features of this site may not work without it.

The full text of this item is not available at this time because the student has placed this item under an embargo for a period of time. The Libraries are not authorized to provide a copy of this work during the embargo period, even for Texas A&M users with NetID.

A Gaze-Based Authentication System: From Authentication to Intrusion Detection

View/Open

Date

Author

Metadata

Abstract

The use of authentication systems has increased significantly due to the advancement of technology,
greater affordability of devices, increased ease of use, and enhanced functionality. These
authentication systems help safeguard users’ private personal information. There are a plethora
of authentication systems based on a variety of inputs such as pins, biometrics, and smart cards.
All of these authentication systems experience different threats and attacks. Shoulder surfing is an
attack when an intruder tries to look at what a user is inputting on the authentication system either
by looking over the shoulder or using the video technology. Pin-based authentication systems
are prone to shoulder surfing; e.g. at ATM’s or other public places an intruder can shoulder surf
what a user is entering as their pin/password. Biometric-based authentication systems are prone to
spoofing attacks. Smart Cards can be easily stolen, replicated, or even spoofed. Thus, the goal of
this research is to explore, develop, and quantify an alternate authentication system that addresses
issues/attacks faced by the most commonly used authentication systems. We do this through the
development of a gaze-based authentication system which addresses the problem of shoulder surfing, video analysis attacks, and spoofing attacks by an intruder. Results show an accuracy of 97.5% and F-measure of 0.97 is achievable while authenticating a user and an accuracy of 89.5 %
and F-measure of 0.89 is achievable when attempting to detect an intruder trying to log in using
someone else’s password.